Apache Software Foundation Tika 2.0.0

CPE Details

Apache Software Foundation Tika 2.0.0
apache
tika
2.0.0
2022-05-24
12h25 +00:00
2022-05-24
12h59 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:apache:tika:2.0.0:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

tika

Version

2.0.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-33879 2022-06-27 19h40 +00:00 The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.
3.3
Bas
CVE-2022-30126 2022-05-16 15h05 +00:00 In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0
5.5
Moyen
CVE-2022-25169 2022-05-16 15h05 +00:00 The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.
5.5
Moyen